package com.shyt.security;

import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;
import com.shyt.dao.SysPermissionVo;
import com.shyt.dao.SysUserVo;
import com.shyt.impl.SysPermissionServiceImpl;
import com.shyt.impl.SysUserServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;


/***
 * 登录验证的工具类，判断登录用户是否存在
 */
@Component
@Slf4j
public class AuthUserDetailUtil implements UserDetailsService {

    @Autowired
    SysUserServiceImpl sysUserServiceImpl;
    @Autowired
    SysPermissionServiceImpl sysPermissionServiceImpl;


    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        log.info("进入登陆验证工具类,验证开始__________________________________");
        HashMap<String, String> permissionRcMap = new HashMap<>();
        permissionRcMap.put("username", username);
        List<SysUserVo> sysUserVos = sysUserServiceImpl.selectSysUserByUsername(username);
        if (CollectionUtils.isEmpty(sysUserVos)) {
            throw new UsernameNotFoundException("用户名或密码错误");
        }

        log.info("____________________________________进入UserDetailsService检查，username:{}", username);
        //首先根据用户名称去查询权限   后续会进行优化，用户名称不唯一，容易出现数据越权
        List<SysPermissionVo> sysPermissionVos =
                sysPermissionServiceImpl.selectPermissionsByUser(permissionRcMap);
        //判断如果权限不是空，则取权限的code集合，给userVo权限赋值
        if (!CollectionUtils.isEmpty(sysPermissionVos)) {
            //先去取code不为空的数据
            List<SysPermissionVo> tempPermissions = sysPermissionVos.stream().filter(
                    item -> !StringUtils.isEmpty(item.getCode()) && !StringUtils.isEmpty(item.getId())).collect(Collectors.toList());

            //code不为空，则赋值给权限属性
            if (!CollectionUtils.isEmpty(tempPermissions)) {
                List<String> permissionCodes =
                        tempPermissions.stream().map(SysPermissionVo::getCode).collect(Collectors.toList());
                //list<String> 转 String[]
                String[] strs = permissionCodes.toArray(new String[permissionCodes.size()]);
                //获取权限列表
                List<GrantedAuthority> authorityList = AuthorityUtils.createAuthorityList(strs);
                //设置权限属性
                sysUserVos.get(0).setAuthorities(authorityList);
                sysUserVos.get(0).setPermissionList(sysPermissionVos);
            }

        }
        log.info("进入登陆验证工具类,验证结束__________________________________");
        return sysUserVos.get(0);
    }
}
